To protect the privacy of your identity and your Social Security Statement information, we are using a new identity verification process. To verify your identity, we will ask you for personal information, including
answers to questions that only you should be able to answer.

The new process:

Issues you a unique User ID (Username and Password);

Offers extra security; and

Complies with federal laws, regulations, and guidelines.

In addition to your username and password, we use a second method to check your identification when you sign into or register for my Social Security. You can choose either
your cell phone or email address as your second identification method. Two forms of identification when signing in will help better protect your account from unauthorized use and potential identity fraud.

If you do not have a text-enabled cell phone, or do not wish to provide your cell phone number, you will need to use your email address as a second identification method instead. Since an email address is required to use
my Social Security, you can continue to benefit from the features my Social Security provides. To ensure you receive
the email with the one-time security code timely and it does not go into your spam or junk folder, you can add NO-REPLY@ssa.gov to your contact list.

When you make a verification request to establish your account, our Identity Services Provider may use information from your credit report to help verify
your identity. As a result, you may see a “soft” inquiry entry on your credit report with the Identity Services Provider, indicating that the Social Security Administration made an inquiry at your request and the date
of that request. Soft inquiries do not affect your credit score, and you do not incur any charges related to them. Soft inquiries are displayed in the version of the credit report provided to a consumer and are not
reported to lenders. Soft inquiries will not appear on your credit report from other providers. Soft inquiries are generally removed from your credit report after 12 months. Once you have registered for an online account,
you will not generate additional soft inquiries by logging in to access our services.

We offer you the choice to add extra security when you create an online account. To add this feature, we will need additional information from you to verify your identity:

The last eight digits of your Visa, MasterCard, or Discover credit card; or

Information from your W2 tax form; or

Information from a 1040 Schedule SE (self-employment) tax form.

In the past, we told you Social Security would never ask for your credit card number or other financial information. We have changed our policy for this one service. Now, we may ask you for the last eight digits of your
Visa, MasterCard, or Discover credit card or some other financial information. Once you give us this additional information, we will send you a letter in the mail in five to 10 business days. You will need this letter
to complete the voluntary process to add extra security.

Our security process and federal guidelines require that we take additional security measures so we can be sure that you are who you say you are when you conduct online business with us.

You can voluntarily upgrade to extra security or disable it at any time. Adding extra security does not change the way that you sign in to your account. You must still sign in with your username, password, and a unique
security code we will provide each time you sign in.

The green address bar at the top of your screen indicates the website has an extended validation certificate. This means the information you provide to Social Security will be encrypted and the owner of the website has
been verified by a certification authority.

Extended validation certificates, and their green address bar indicators, provide assurance the website you are using is legitimate and safe, and not a phishing - or fake - site used to trick you into revealing personal
information.

We have extended validation certificates on our secure websites that ask you to enter personal information. You should check for the green address bar and verify the website owner is Social Security before you enter any
personal information.

Internet scam artists use clever schemes to defraud millions of people each year. When they trick you into giving them your personal information, it’s called “phishing.” You can find out how fraudsters are using mySocial Security in phishing scams and how you can protect yourself from being fooled. Learn more…